Hacker News: rozumbrada

New comment by rozumbrada in "Ask HN: How to be SOC2 Type 2 compliant as a solo-entreprenuer?"

rozumbrada — Fri, 15 May 2026 07:53:35 +0000

Not possible in case your clients are not stupid. Any company with SOC2 and <5 people is a red flag.

You might find auditors that would go along but any reasonable client will check your SOC2 report and quality of your auditors.

SOC2 requires tons of paperwork and management and separation of duties with also mandatory roles in your company - never feasible in a one man show.

New comment by rozumbrada in "GPT-5.3-Codex"

rozumbrada — Thu, 05 Feb 2026 21:43:15 +0000

I read this exact comment with I would say completely the same words several times in X and I would bet my money it's LLM generated by someone who has not even tried both the tools. This AI slop even in the site like this without direct monetisation implications from fake engagement is making me sick...

New comment by rozumbrada in "[dead]"

rozumbrada — Fri, 21 Nov 2025 16:02:08 +0000

Finally... We had two days without large outage, I started to worry a little

StratoCyberLab – open-source and local-only hacking lab

rozumbrada — Tue, 30 Sep 2025 07:38:47 +0000

Article URL: https://github.com/stratosphereips/stratocyberlab

Comments URL: https://news.ycombinator.com/item?id=45422929

Points: 2

# Comments: 0

New comment by rozumbrada in "Hosting a website on a disposable vape"

rozumbrada — Mon, 15 Sep 2025 15:59:43 +0000

This is why I go to hackernews every day <3

New comment by rozumbrada in "Next.js is infuriating"

rozumbrada — Tue, 02 Sep 2025 09:06:16 +0000

If you finally decided to support proper server-side middleware, why is there still a limitation for only one middleware function and not a chain of middleewares as every other sane server implementation offers?

New comment by rozumbrada in "How much EU is in DNS4EU?"

rozumbrada — Thu, 12 Jun 2025 08:49:48 +0000

The last hop showed in the BGP route is AS60068 (cdn77) which is a Czech company with global physical network. It does not mean the data are going through GB, it's not that easy.

New comment by rozumbrada in "War story: the hardest bug I ever debugged"

rozumbrada — Thu, 27 Mar 2025 13:43:05 +0000

I have no doubts that V8 has a rich test suites - including tests for the absolute value function.

But then a production optimized build apparently contains different code? This sounds to me like a system flaw

New comment by rozumbrada in "0-click deanonymization attack targeting Signal, Discord, other platforms"

rozumbrada — Wed, 22 Jan 2025 10:03:11 +0000

I believe in reality it's a bit more complicated

CDNs do not choose datacenters for users based on a geographic distance. The number one metric is latency but latency != physical distance. Second metric is optimizations of price of data transfer between peers and IXPs which results in very dynamic routing rules. Then consider also network/software hickups/maintanance and distribution of datacenters' load...

Amusing messages in DNS TXT records vol.2

rozumbrada — Tue, 29 Oct 2024 18:48:51 +0000

Article URL: https://twitter.com/lukasf0rst/status/1851315675014340806

Comments URL: https://news.ycombinator.com/item?id=41988019

Points: 3

# Comments: 0

New comment by rozumbrada in "Bizarre Stuff in DNS"

rozumbrada — Mon, 28 Oct 2024 07:27:41 +0000

For people without Twitter/X account, this is a summary as a single post https://threadreaderapp.com/thread/1850658084491874555.html

New comment by rozumbrada in "The Alarming Prevalence of Zone Transfers"

rozumbrada — Mon, 21 Oct 2024 19:30:33 +0000

Wow I hear for the first time that some TLD registrar would explicitelly allow zone transfer of the whole zone... talking about the Swedish TLD mentioned in the article.

This really works

dig @zonedata.iis.se se axfr

Show HN: StratoCyberLab – Local cyber range to practice attacking and defending

rozumbrada — Tue, 01 Oct 2024 16:00:53 +0000

Article URL: https://github.com/stratosphereips/stratocyberlab

Comments URL: https://news.ycombinator.com/item?id=41710171

Points: 3

# Comments: 0

New comment by rozumbrada in "Enumerating DNS zones using NSEC"

rozumbrada — Fri, 27 Sep 2024 13:55:53 +0000

Could you apply here the Kerckhoffs's principle which says that security should not be based on secrecy? I know the original principle speaks about encryption but why should not it apply here aswell? Organisation should be secure by design and not by hoping nobody discovers all its assets. That being said maybe the mentioned Swedish approach to have the TLD zone public makes sense?

New comment by rozumbrada in "Storing RSA Private Keys in DNS TXT Records?"

rozumbrada — Tue, 24 Sep 2024 00:17:15 +0000

Could the act of publishing private keys to achieve a plausible deniablity actually backfire? If nobody is able to prove that the organisation sent the email, then the organisation is also not able to prove it. It works both ways. So imagine the organisation needs to prove an authenticity of some email because of a legal dispute. By publishing the private keys, it prevented itself from doing that